Wednesday 04 Nov 2015 @ 12:20
CESG
Printable version

CESG releases new guidance for secure voice technology

Risks to voice data

Voice data is subject to a number of key threats:

  • calls are placed to or received from an attacker and the user doesn't realise, resulting in compromise of spoken data
  • attacker with privileged network access can access all call content and metadata for a user on that network
  • attacker compromises a cellular base station, or uses a false base station, and gains access to all call content and metadata for all users on that base station
  • attacker could cause calls to be routed via infrastructure they control (e.g. offering low-cost routing), enabling interception

New CESG guidance

Secure Voice technology is changing rapidly, and CESG policy is evolving to keep up with the pace of change.

The Secure Voice at OFFICIAL guidance (PDF 351KB) describes the current status and policy of secure voice technology for protecting OFFICIAL and OFFICIAL SENSITIVE communications.​

 

Channel website: https://www.ncsc.gov.uk/

Share this article

Latest News from
CESG

UK girls triumph in national cyber skills contest

05/12/2024 10:10:00

Teams of girls from schools across the UK have been crowned cyber security champions

Risk facing UK "widely underestimated", cyber chief to warn in first major speech

03/12/2024 18:14:10

Richard Horne described the cyber risks facing the nation as “widely underestimated” and call for collective action against an increasingly complex array of threats.

UK and allies warn about shift in cyber attackers exploiting zero-day vulnerabilities

14/11/2024 11:05:00

NCSC and international partners share top 15 vulnerabilities that were routinely exploited by cyber attackers last year.

The 4th Republic of Korea-UK Cyber Dialogue held in London

08/11/2024 15:18:00

The 4th Republic of Korea (ROK)-United Kingdom (UK) Cyber Dialogue was held in London on 6 November 2024.

Cyber Essentials scheme marks a decade of boosting businesses’ cyber defences

28/10/2024 16:05:00

Following the 10 successful years of the Cyber Essentials scheme, more businesses urged to strengthen cyber security protections

Exploitation of vulnerability affecting Fortinet FortiManager

25/10/2024 09:20:00

The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability affecting Fortinet FortiManager (CVE-2024-47575) and to follow the latest vendor advice.

NCSC warns of widening gap between cyber threats and defence capabilities

17/10/2024 09:05:00

Dr Richard Horne, CEO NCSC calls for greater global resilience against online security threats at Singapore International Cyber Week.

All UK schools offered free cyber service to protect against online threats

16/10/2024 16:15:00

Following the successful initial roll out of PDNS for Schools last year, all schools in the UK can now benefit from the enhanced cyber resilience service.

Team of British women to take part in international cyber event in Japan

08/10/2024 16:20:00

Being announced on Ada Lovelace Day, a team of CyberFirst Bursary alumni will be representing the UK at the inaugural Kunoichi Cyber Games taking place at the Code Blue cyber security conference in Tokyo.